What next? LDAP
Felipe Alfaro Solana
felipe.alfaro at gmail.com
Thu Jun 2 15:05:44 UTC 2005
On 6/2/05, Kenneth Porter <shiva at sewingwitch.com> wrote:
> Agreed. I'm trying to get up to speed on deploying OpenLDAP together with
> the Samba schema to get single sign-on and a global address book, but it's
> been tough marshaling all the HOWTO's to figure out what's really required.
> I went down a wrong path using the PADL scripts bundled with OpenLDAP
> (because I failed to select the "enhanced" schema in the common config
> file) and they also fail badly on the /etc/services file due to the
> presence of Apple protocols. So far the best information for initial setup
> seems to be in the HOWTO's at <http://samba.idealx.org/>, but I'm still
> working through it to understand how to migrate my existing setup.
Single sign-on doesn't require a LDAP server, but some kind of central
identity magament which can be supplied by using a Kerberos V KDC like
the Kerberos V MIT implementation that comes in the form of krb5-*
packages for Fedora Core.
Once upon I time I wrote the attached document which enumerates all
the steps I had to perform in order to set up a Kerberos V KDC and how
to configure services like OpenSSH to support single sign-on. HTH.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Kerberos.txt
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20050602/60f739b3/attachment.txt>
More information about the fedora-devel-list
mailing list